21_Object_Storage_Configuration_OCI - Nirvan-Pandey/OCI_DOC GitHub Wiki
21_1: Summary
Object storage is a type of storage in Oracle Cloud Infrastructure (OCI) primarily used for backups. It is cost-effective and suitable for storing large amounts of data. However, object storage is a public service, meaning it is not dedicated to any single client. Instead, it utilizes shared cloud storage systems.
Although it is a shared service, object storage is protected by encryption: you can encrypt the storage, and the encryption keys are held exclusively by you, as with block storage.
Now, we will create an object storage bucket and see how it communicates with our instances.
21_2: Block Storage vs Object Storage
Block Storage is structured and ideal for high-performance applications like databases and VMs, while Object Storage is unstructured, allowing you to store any type of data in buckets, such as backups, media files, and logs.
21_3: Creation of Object storage
Step1: Navigation
Navigate to BurgerMenu-->Storage-->Object Storage & Archive Storage
Step2: Create Bucket
A bucket is a logical container for storing objects (data files)
Step3: Fill the desired parameters.
- Name: Choose any name.
- Default Storage Tier:
  - Standard Storage Tier: For frequently accessed data with low-latency and high-throughput access; more expensive.
  - Archive Storage Tier: For infrequently accessed data with lower cost and higher retrieval times; less expensive.
- Enable Auto-Tiering: Automatically move infrequently accessed objects from the Standard tier to less expensive storage.
- Enable Object Versioning: Create an object version when a new object is uploaded, an existing object is overwritten, or when an object is deleted.
- Emit Object Events: Create automation based on object state changes using the Events Service.
- Uncommitted Multipart Uploads Cleanup: Create a lifecycle rule to automatically delete uncommitted multipart uploads older than 7 days.
Step4: Bucket is created.
21_4: Upload objects in bucket.
Step1: Navigate to the bucket.
Navigate to Buckets-->Click on Bucket-->Resources-->Objects-->Click Upload
Step2: Select file to upload and upload.
Step3: Object has been uploaded to bucket.
21_5: Some Scenarios
I have uploaded the same text file 'Test_document' twice. It now shows both files as uploaded because Enable Object Versioning was checked. However, you can see that the IDs and timing of the two files are different, for segregation.
21_6: Creating Pre-Authenticated request
Making an Object Storage bucket public in OCI exposes your data to anyone on the internet, increasing the risk of data breaches, unauthorized modifications, and compliance violations. Instead, use secure methods like Pre-Authenticated Requests (PARs) and IAM policies to control access. This ensures your data remains protected and compliant with regulations.
Even Oracle does not recommend making it public.
Step1: Navigation.
Navigate to "Resources" on the left side of the bucket --> Select "Pre-Authenticated request" --> Click on "Create Pre-Authenticated Request"
Step2: Select Request Target as "Object" and fill all the required details. After that click on Create Pre-Authenticated request.
We can share an object already present in our bucket with another user, for that file only. The other user can access it according to the access type given.
Step3: After clicking, copy and save the URL, because it will not be shown again.
Share it with the desired recipient.
Step4: Open the URL in any browser.
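The preference for narrowly scoped PARs over public buckets can also be checked after the fact. The following is an added example, not part of the original wiki: it audits bucket and PAR records in the kebab-case JSON shape printed by `oci os bucket get` and `oci os preauth-request list`. The sample records, the 7-day lifetime limit, the severity labels and the name `audit_bucket` are assumptions made for illustration. A PAR URL works for anyone who holds it until it expires, so long-lived, writable or bucket-wide PARs are flagged.

```python
from datetime import datetime, timedelta, timezone

MAX_PAR_LIFETIME = timedelta(days=7)  # assumed local policy, not an OCI limit


def audit_bucket(bucket, pars, now):
    """Return a sorted list of (severity, finding) for one bucket and its PARs."""
    findings = []
    # Anything other than NoPublicAccess allows anonymous reads.
    access = bucket.get("public-access-type", "NoPublicAccess")
    if access != "NoPublicAccess":
        findings.append(("HIGH", f"bucket {bucket['name']} is public ({access})"))
    for par in pars:
        label = f"PAR {par['name']}"
        expires = datetime.fromisoformat(par["time-expires"].replace("Z", "+00:00"))
        if expires <= now:
            continue  # an expired PAR no longer grants access
        if expires - now > MAX_PAR_LIFETIME:
            findings.append(
                ("MEDIUM", f"{label} stays valid for {(expires - now).days} more days"))
        if par["access-type"].startswith("AnyObject"):
            findings.append(
                ("HIGH", f"{label} covers the bucket or a prefix, not a single object"))
        if "Write" in par["access-type"]:
            findings.append(("MEDIUM", f"{label} allows uploads"))
    return sorted(findings)


# Constructed sample data for illustration (not taken from a real tenancy).
NOW = datetime(2025, 1, 10, tzinfo=timezone.utc)
BUCKET = {"name": "backup-bucket", "public-access-type": "ObjectRead"}
PARS = [
    {"name": "share-test-document", "access-type": "ObjectRead",
     "object-name": "Test_document", "time-expires": "2025-01-12T00:00:00+00:00"},
    {"name": "partner-dropbox", "access-type": "AnyObjectReadWrite",
     "object-name": None, "time-expires": "2026-01-10T00:00:00+00:00"},
    {"name": "old-share", "access-type": "ObjectWrite",
     "object-name": "Test_document", "time-expires": "2024-12-01T00:00:00+00:00"},
]

if __name__ == "__main__":
    for severity, finding in audit_bucket(BUCKET, PARS, NOW):
        print(severity, finding)
```

Only the short-lived, single-object, read-only PAR passes without a finding; the expired one is skipped because it no longer grants access.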
21_7: Creating Lifecycle Rule
- Lifecycle rules for buckets in OCI are created to automate the management of objects, such as transitioning them to different storage tiers or deleting them after a specified period. This helps optimize storage costs and maintain data hygiene by automatically archiving or removing outdated or unused data.
- If auto-tiering is enabled in Oracle Cloud Infrastructure (OCI), you cannot manually move objects to the Infrequent Access tier because auto-tiering automatically manages the movement of objects between storage tiers based on their access patterns. Auto-tiering optimizes storage costs by dynamically adjusting the storage tier of objects without manual intervention. Because we have disabled it, we can create a lifecycle rule for this.
- Navigate to Bucket-->Resources-->Lifecycle Policy Rules-->Create rule
- You can choose target, lifecycle actions and number of days per your requirement.
- An error occurred due to insufficient permissions.
- A policy needs to be created for buckets.
Burger Menu --> Identity & Security --> Select Policies --> Click on "Create Policy"
Paste the statement below into the manual policy builder and edit the region and compartment to match your own.
Allow service objectstorage-us-ashburn-1 to manage object-family in compartment NP_Compute
- Create lifecycle rule again.
- Lifecycle rule has been created.
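Because a lifecycle rule can archive or delete objects without further confirmation, it helps to preview its effect before creating it. The following is an added example, not part of the original wiki: it takes rules in the JSON field layout of OCI lifecycle rule items and lists which objects already meet each rule. The rules, the object listing and the name `preview` are constructed for illustration; it assumes age is counted from the object's last-modified time and handles only prefix filters.

```python
from datetime import datetime, timedelta, timezone

UNIT_DAYS = {"DAYS": 1, "YEARS": 365}  # coarse conversion, good enough for a preview


def preview(rules, objects, now):
    """Return {object name: [(action, rule name), ...]} for every enabled rule
    whose prefix filter and age threshold the object already meets."""
    plan = {}
    for obj in objects:
        age = now - obj["time_modified"]
        for rule in rules:
            if not rule["isEnabled"] or rule["target"] != "objects":
                continue
            name_filter = rule.get("objectNameFilter") or {}
            # No prefix filter means the rule applies to every object.
            prefixes = tuple(name_filter.get("inclusionPrefixes") or [""])
            threshold = timedelta(days=rule["timeAmount"] * UNIT_DAYS[rule["timeUnit"]])
            if obj["name"].startswith(prefixes) and age >= threshold:
                plan.setdefault(obj["name"], []).append((rule["action"], rule["name"]))
    return plan


# Constructed rules and object listing, for illustration only.
RULES = [
    {"name": "archive-old-backups", "target": "objects", "action": "ARCHIVE",
     "timeAmount": 30, "timeUnit": "DAYS", "isEnabled": True,
     "objectNameFilter": {"inclusionPrefixes": ["backups/"]}},
    {"name": "purge-logs", "target": "objects", "action": "DELETE",
     "timeAmount": 1, "timeUnit": "YEARS", "isEnabled": True,
     "objectNameFilter": {"inclusionPrefixes": ["logs/"]}},
    {"name": "purge-everything", "target": "objects", "action": "DELETE",
     "timeAmount": 7, "timeUnit": "DAYS", "isEnabled": False},
]
NOW = datetime(2025, 6, 1, tzinfo=timezone.utc)
OBJECTS = [
    {"name": "backups/db-2025-04-01.dmp", "time_modified": NOW - timedelta(days=61)},
    {"name": "backups/db-2025-05-25.dmp", "time_modified": NOW - timedelta(days=7)},
    {"name": "logs/app-2024-01.log", "time_modified": NOW - timedelta(days=500)},
    {"name": "Test_document", "time_modified": NOW - timedelta(days=900)},
]

if __name__ == "__main__":
    for name, actions in preview(RULES, OBJECTS, NOW).items():
        print(name, actions)
```

Enabling the unfiltered `purge-everything` rule in this sample would mark all four objects for deletion, which is the kind of result worth seeing before the rule goes live.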
21_8: Creating Retention Rule
Retention rules for buckets in Oracle Cloud Infrastructure (OCI) prevent objects from being deleted or modified for a specified period, ensuring data protection and compliance with regulatory requirements. These rules make objects immutable during the retention period, safeguarding data integrity.
- Navigate and create rule.
Bucket-->Resources-->Retention Rule-->Create Rule
- Please note that the Rule will not be created if object versioning is enabled.
Retention rules and object versioning in Oracle Cloud Infrastructure (OCI) are mutually exclusive because they serve different purposes. Retention rules enforce immutability and prevent deletion or modification of objects for a specified period, while object versioning allows multiple versions of an object to exist, enabling updates and deletions. Enabling both simultaneously would create conflicting behaviors, so OCI does not allow retention rules to be created if object versioning is enabled.